EP1682963A1 - Procede permettant d'evaluer une permission d'utilisation d'informations et systeme de distribution de contenu mettant en oeuvre ce procede - Google Patents

Procede permettant d'evaluer une permission d'utilisation d'informations et systeme de distribution de contenu mettant en oeuvre ce procede

Info

Publication number
EP1682963A1
EP1682963A1 EP04773723A EP04773723A EP1682963A1 EP 1682963 A1 EP1682963 A1 EP 1682963A1 EP 04773723 A EP04773723 A EP 04773723A EP 04773723 A EP04773723 A EP 04773723A EP 1682963 A1 EP1682963 A1 EP 1682963A1
Authority
EP
European Patent Office
Prior art keywords
metadata
information
content
judging
use permission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP04773723A
Other languages
German (de)
English (en)
Other versions
EP1682963B1 (fr
Inventor
Satoshi Niwano
Katsumi Tokuda
Kouji Miura
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Panasonic Holdings Corp
Original Assignee
Matsushita Electric Industrial Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Matsushita Electric Industrial Co Ltd filed Critical Matsushita Electric Industrial Co Ltd
Publication of EP1682963A1 publication Critical patent/EP1682963A1/fr
Application granted granted Critical
Publication of EP1682963B1 publication Critical patent/EP1682963B1/fr
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions

Definitions

  • the present invention relates to a system in which, through broadcast and communication, digital contents such as vi deo and music, license for digital content, and metadata including attributes of digital content or control information are distributed, an d a user uses digital content by one or more terminal apparatuses.
  • the present invention relates to a system comprising a method for judging use permission of metadata and an apparatus to which the method for judging use permission is applied.
  • a content distribution service ca pable of distributing digital contents such as music, video an d game (hereinafter referred to as content) from a server apparatu s to one or more terminal apparatuses through communication such as Internet, digital broadcast, Cable Television (CATV), and of using the content in one or more terminal apparatuses has been developed for a practical use.
  • a common system used for the content distribution service uses a copyright protection techn i que for protecting a copyright of content in order to prevent an illeg al use of the content by a malicious user.
  • the copyright protection technique is, in specific, a technique of securely controllin g use of content by a user such as reproducing the content or copying it to a recording media using encoding technique, identifying technique and the like.
  • Using the copyright protection technique allows a provider such as a content provider and a service provider to securely control the use of content in the one or more terminal apparatuses by a user.
  • metadata which is data for supplementing the explanation for a content body is distributed from a content provider and the like to one or more terminal apparatuses; and the metadata is utilized by the one or more terminal apparatuses.
  • new forms of content use such as scene search of content and digest viewing are being developed.
  • the signer ID means identification information which uniquely identifies a signer.
  • the metadata is judged as impossible to be used.
  • the signature of the metadata is verified by the public key certificate, and existence or non-existence of tamper is detected.
  • the metadata is judged as impossible to be used.
  • the metadata is judged as possible to be used.
  • the object of the present invention in view of such problems as described above, is to provide a content distribution system comprising : a method for judging metadata use permission which can limit metadata that can be used for each content, and limit the use range of the metadata generated by the user; and one or more apparatuses that execute judgment according to the method for judging metadata use permission.
  • the object of the present invention is to provide: a method for judging information use permission that can certainly exclude the use of unauthorized metadata and enables the flexible use of metadata; and a content distribution system using the above mentioned method .
  • the method for judging information use permission is a method for judging use permission of information on one or more terminal apparatuses which uses content provided by a content provider and metadata which is data provided by a metadata provider and supplementing the content, the method comprising : judging use permission of the metadata based on usage control information regarding use control of the metadata; and using the metadata in the case where it is judged that the use of the metadata is permitted in said judgment.
  • the usage control information includes the first signer identification information identifying the range of the provider of the metadata that can be used, the metadata includes the signature of the metadata provider identified in the first signer identification information, and the second signer identification information identifying the signer of the signature, and in said judgment, it is judged whether the metadata use is permitted based on the metadata provider identified in said first signer identification information, said second signer identification information, and signature verification.
  • the usage control information includes reference specification information specifying a reference method of metadata in using content, and in said judgment, metadata use permission in using content is judged based on the reference specification information.
  • the usage control information includes revision permission information indicating revision permission of meta information, and in said judgment, use permission of metadata is judged based on the revision permission information.
  • the usage control information includes control permission information indicating use permission of user metadata generated by a user in the one or more terminal apparatuses, and in said judgment, metadata use permission is judged based on the control permission information.
  • the usage control information includes moving range specifying information which specifies the moving range of the user metadata generated by a user in the one or more terminal apparatuses, and in said judgment, metadata use permission is judged based on the moving range specifying information.
  • a CRL as conventionally, based on the usage control information regarding metadata use control included in the content license and the like, that is specifically, (i) signer identification information, (ii) reference specification information, (iii) revision permission information, (iv) control permission information and (v) moving range specifying information
  • use permission of the metadata can be judged.
  • use of unauthorized metadata can be certainly excluded, and flexible use of metadata can be achieved.
  • without using a CRL by using the content license, it is possible to limit metadata that can be used to only the metadata that has been digitally signed by the content provider. Also, it is possible to cause the metadata, specified by the content provider, to be used.
  • the present invention can not only be realized as the above mentioned method for judging information use permission, but also as (i) one or more terminal apparatuses that have characteristic steps, as means, included in the above mentioned method for judging information use permission, (ii) a content distribution system including the above mentioned one or more terminal apparatuses, and (iii) a program which causes a computer to execute such steps as described above. Needless to say, the above mentioned program can be distributed via a recording medium such as a CD-ROM or a transmission medium such as Internet.
  • FIG. 1 is a diagram showing an overall schematic structure of the content distribution system 1 according to the embodiment of the present invention
  • FIG. 2 is a flow chart showing schematic processes of the content distribution system according to the present invention
  • FIG. 3 is a diagram showing a table structure of the user information DB110 according to the embodiment of the present invention
  • FIG. 4 is a diagram showing the structure of the encryption content 210 according to the embodiment of the present invention
  • FIG. 5 is a diagram showing the structure of the metadata 310 according to the embodiment of the present invention
  • FIG. 1 is a diagram showing an overall schematic structure of the content distribution system 1 according to the embodiment of the present invention
  • FIG. 2 is a flow chart showing schematic processes of the content distribution system according to the present invention
  • FIG. 3 is a diagram showing a table structure of the user information DB110 according to the embodiment of the present invention
  • FIG. 4 is a diagram showing the structure of the encryption content 210 according to the embodiment of the present invention
  • FIG. 5 is a diagram showing the structure of the metadata 310 according to
  • FIG. 6 is a diagram showing the structure of the license 410 according to the embodiment of the present invention
  • FIG. 7 is a diagram showing the structure of the public key certificate 510 according to the embodiment of the present invention
  • FIG. 8 is a diagram showing the structure of the CRL 520 according to the embodiment of the present invention
  • FIG. 9 is a flow chart showing the processes of the use permission judgment of (i) the metadata signed by a content distribution server 20 or a metadata distribution server 30 or (ii) the metadata generated by a user, according to the embodiment of the present invention
  • FIG. 10 is a flow chart showing the sub-routine of the ID comparison (S101) process as shown in FIG. 9.
  • FIG. 1 is a diagram showing an overall schematic structure of the content distribution system according to the embodiment of the present invention.
  • the content distribution system 1 comprises: a membership management server 10; a content distribution server 20; a metadata distribution server 30; a license management server 40; an authentication server 50; one or more terminal apparatuses 60; and a transmission path N connecting such components as described above so that they can be communicated with each other.
  • the membership management server 10 is a computer apparatus including user information DBl lO for managing the user who subscribes to the content distribution system 1, and transmits a domain key 112 to the one or more terminal apparatuses 60.
  • the content distribution server 20 is a computer apparatus used by a content provider (CP), and includes: a content provider ID212; a secret key for the content provider; a public key for the secret key; a public key certificate; a content encryption key 415; and a content body. And, the content distribution server 20 at least generates encryption content 210 and transmits the encryption content 210 to the one or more terminal apparatuses 60.
  • the metadata distribution server 30 is a computer apparatus used by a metadata provider (MP), and includes : a metadata provider ID; a secret key for the metadata provider; a public key for the secret key; a public key certificate 510; and metadata 310.
  • the metadata distribution server 30 at least generates metadata 310 for content, and transmits the metadata 310 to the one or more terminal apparatuses 60.
  • the license management server 40 at least generates a license 410 for using the encryption content 210 and the metadata 310, and transmits the license 410 to the one or more terminal apparatuses 60.
  • the authentication server 50 is a computer apparatus used by a Certification Authority (CA), and includes a secret key for the CA, a public key for the secret key, and the like. And, the authentication server 50 at least generates a public key certificate 510 for the CP, MP and CA and a CRL 520, and transmits the CRL 520 to the one or more terminal apparatuses 60.
  • CA Certification Authority
  • the one or more terminal apparatuses 60 at least use the encryption content 210 and the metadata 310.
  • the one or more terminal apparatuses 60 include a communication unit, a tamper-proof unit and the like. And, the processes related to encryption such as authentication communication, obtaining an encryption key, encryption and decoding are executed by the tamper-proof unit so that outflow of the encryption key and the like do not occur.
  • the tamper-proof unit includes: the domain key 112; the encryption content 210; the metadata 310; the license 410; the CA public key certificate 510; a memory unit for memorizing the CRL 520 and the like; a metadata use permission judging unit judging the use permission of the metadata; and a utilization unit using content and metadata based on the judging result of the metadata use permission judging unit.
  • the transmission path N is a communication network such as
  • FIG. 2 is a sequence diagram showing the communication procedures leading to the use of the metadata 310 and the encryption content 210.
  • the membership management server 10 distributes the domain key 112 to the one or more terminal apparatuses 60 based on the member's registered request (SHOO).
  • the content distribution server 20 generates the encryption content 210 (S1200), and transmits the encryption content 210 to the one or more terminal apparatuses 60 based on the content obtainment request (S1210).
  • the metadata distribution server 30 generates the metadata 310 (S1400), and transmits the generated metadata 310 to the one or more terminal apparatuses 60 based on the metadata obtainment request from the one or more terminal apparatuses 60 (S1410).
  • the license management server 40 generates the license 410 (S1300), and transmits the license 410 to the one or more terminal apparatuses 60 based on the license purchase request (S1310).
  • the one or more terminal apparatuses 60 (i) receive the domain key 112 from the membership management server 10 (S1000), (ii) receive the encryption content 210 from the content distribution server 20 (S1010), (iii) receive the license 410 from the license management server 40 (S1020), (iv) receive the metadata 310 from the metadata distribution server 30 (S1030), and (v) use the metadata 310 and the encryption content 210 (S1040).
  • the secret-key cryptography algorithms such as Advanced
  • AES Encryption Standard
  • Triple DES Triple Data Encryption Standard
  • the below mentioned process does not depend on a particular encryption.
  • the format of digital signature in general, the
  • Algorithm 1 (SHA-1), MD5 and the like are used in general.
  • the below mentioned process does not depend on a particular calculation format.
  • the web page written in the script languages such as Hyper Text Markup Language (HTML) transmitted from a protocol such as Hyper Text Transfer Protocol (HTTP) and Extensible Markup Language (XML), or the page written in Broadcasting Markup Language (BML) transmitted by digital broadcast are used in general .
  • HTML Hyper Text Markup Language
  • XML Extensible Markup Language
  • BML Broadcasting Markup Language
  • the membership management server 10 includes the user information DBl lO made of pairs of the user IDlll and the domain key 112.
  • the user IDl ll means the ID provided to each of the owners of the one or more terminal apparatuses 60.
  • the domain means an assemble formed by the one or more terminal apparatuses 60 owned by users.
  • the domain key 112 means the encryption key used for data encryption and authentication communication so that data communication is limited only between the one or more terminal apparatuses having the same domain key 112. For example, in FIG.
  • the domain key 112 of "XXXCCC" is assigned to the user IDl l l of "XXXAAA”.
  • the one or more terminal apparatuses 60 transmit the member's registered request including the user IDl l l to the membership management server 10.
  • the membership management server 10 after receiving the request for terminal registration from the one or more terminal apparatuses 60, obtains the domain key 112 corresponding to the user IDl l l from the user information DBl lO, and transmits the domain key 112 to the one or more terminal apparatuses 60 (SHOO).
  • the one or more terminal apparatuses 60 receive the domain key 112 (S1000), and store the received domain key 112 in the memory unit of the tamper-proof unit.
  • SAC Secure Authenticated Channel
  • SSL Secure Socket Layer
  • the domain key 112 may be encrypted by the intrinsic key of the one or more terminal apparatuses 60, and transmitted from the membership management server to the one or more terminal apparatuses 60.
  • the one or more terminal apparatuses 60 transmit the content selection request to the content distribution server 20.
  • the one or more terminal apparatuses 60 display the content selection screen received from the content distribution server 20, and transmits, to the content distribution server 20, the content obtainment request including the content ID211 of the content selected by the user's operation.
  • the content selection screen after the content is selected by the one or more terminal apparatuses 60, the content obtainment request including the corresponding content ID211 is transmitted to the content distribution server 20.
  • the content distribution server 20 generates the encryption content 210 (S1200) . More specifically, the content distribution server 20, to the content body 213, by adding the content ID211 which differs for each content and the content provider ID212 which differs for each content provider, and encrypting the content provider ID212 and the content body 213 with the content encryption key 415, generates the encryption content 210.
  • the encryption content 210 includes the content ID211, the content provider ID212 and the content body 213.
  • the content provider ID212 and the content body 213 are encrypted by the content encryption key 415 included in the license 410.
  • the content ID211 is used to associate the license 410 with the encryption content 210.
  • the content provider ID212 is used to identify the provider of the encryption content 210.
  • the content body 213 is digital data such as video and music.
  • the content distribution server 20 transmits, to the one or more terminal apparatuses 60, the encryption content 210 corresponding to the content ID211 included in the content obtainment request (S1210).
  • the one or more terminal apparatuses 60 receive the encryption content 210 from the content distribution server 20 (S1010), and stores the received encryption content in the memory unit of the tamper-proof unit.
  • the transmission of the encryption content 210 from the content distribution server 20 to the one or more terminal apparatuses 60 may be executed by either streaming or file distribution.
  • the one or more terminal apparatuses 60 transmit the metadata selection request to the metadata distribution server 30.
  • the metadata distribution server 30, according to the metadata obtainment request from the one or more terminal apparatuses 60, generates the metadata selection screen, and transmits the generated metadata selection screen to the one or more terminal apparatuses 60.
  • the one or more terminal apparatuses 60 display the received metadata selection screen, and transmits the metadata obtainment request including the metadata ID of the metadata 310 selected by the user's operation to the metadata distribution server 30.
  • the metadata selection screen after the desirable metadata is selected by the one or more terminal apparatuses 60, the metadata obtainment request including the corresponding metadata ID is transmitted to the metadata distribution server 30.
  • the metadata distribution server 30 generates the metadata
  • the metadata distribution server 30 generates the metadata body 311, and stores the ID of the metadata provider into the metadata signer ID312. Thus, the metadata distribution server 30 generates a digital signature 313 for the metadata body 311 and the metadata signer ID312.
  • the digital signature of the metadata 310 is executed by the content distribution server 20.
  • the metadata body 311 is transmitted from the metadata distribution server 30 to the content distribution server 20.
  • the content distribution server 20 stores the content provider ID into the metadata signer ID312, and generates the metadata 310 by generating the digital signature 313 of the content provider.
  • the metadata 310 is transmitted to the metadata distribution server 30.
  • the metadata 310 as shown in FIG.
  • the metadata body 311 includes, in addition to the metadata per se : the metadata ID3111 for identifying metadata; attribute information 3112 such as a content ID; location information 3113 for content; control information 3114 for content such as a scene index; and a generation-by-user flag 3115 for indicating that the metadata is the metadata generated by the user.
  • the metadata signer ID312 is used to identify the signer who has digitally signed the metadata 310.
  • the digital signature 313 is used for detecting tamper of the metadata body 311.
  • the metadata distribution server 30 transmits, to the one or more terminal apparatuses 60, the metadata 310 corresponding to the metadata ID included in the metadata obtainment request (S1410).
  • the one or more terminal apparatuses 60 receive the metadata 310 from the metadata distribution server (S1030) and store the received metadata 310 in the memory unit of the tamper-proof unit. Next, the process leading to the reception of the license 410 of the content will be explained.
  • the one or more terminal apparatuses 60 transmit the license selection request to the license management server 40.
  • the license management server 40 according to the license selection request from the one or more terminal apparatuses 60, generates the license selection screen, and transmits the generated license selection screen to the one or more terminal apparatuses 60.
  • the one or more terminal apparatuses 60 display the received license selection screen, and transmits, to the license management server 40, the license purchase request including the license ID411 of the license 410 selected by the user's operation.
  • the license purchase request including the corresponding license ID is transmitted to the license management server 40.
  • the license management server 40 generates the license 410 including the corresponding license ID when the license purchase request is made (S1300). More specifically, the license management server 40 receives, from the content distribution server 20 : a content ID412; a content provider ID413; usage rules 414; and a content encryption key 415, and generates the license 410 by adding the license ID411 (S1300).
  • the iicense 410 as shown in FIG. 6, includes : the license ID411 ; the content ID412; the content provider ID413; the usage rules 414; and the content encryption key 415.
  • the license ID411 is used for identifying the license 410 in the license management server 40.
  • the content ID412 is used for associating the license 410 with the encryption content 210.
  • the content provider ID413 is used for identifying the content provider of the content controlled by the license 410.
  • the usage rules 414 are used for controlling the use of the content and metadata.
  • the content encryption key 415 is used for decoding the content. More specifically, the usage rules 414 include information regarding content use control 4140 and information regarding metadata use control 4144.
  • As the information regarding content use control 4140 there are information regarding use expiration date 4141, information regarding possible use frequency 4142, and the like.
  • As the information regarding use expiration date 4141 for example, information such as "use possible until December 31 of 2005" is included.
  • the signer identification information 4145 is information for specifying a signer of metadata that can be used, and includes: a signer ID; a content provider; a group of metadata providers trusted by the above mentioned content provider; and a flag indicating no-limit of such group as described above.
  • signer identification information 4145 for example, as the metadata signer, signer identification information such as "impossible except for the content provider", "possible for the content provider and metadata provider authorized by the content provider” or “possible for all” are included.
  • the metadata provider authorized by the content provider is a metadata provider having a public key certificate 510 digitally signed by the content provider, and has a higher credibility of the content distribution server 20 than the other metadata providers.
  • the metadata signer identification information 4145 may be the metadata signer ID312 which permits or disapproves.
  • the reference specification information 4146 is information which specifies a reference method of metadata when using content, and includes: a flag specifying the necessity of referring to metadata; a metadata ID to be referred to; a signer ID of the metadata to be referred to, and the like.
  • the metadata reference specification information 4146 for example, in the case where it is desired to force the reference of the metadata 310 to be distributed with the encryption content 210, the metadata reference specifying flag is included.
  • the reference specification information 4146 may be either of the metadata reference specifying flag, the metadata ID of the metadata desired to force a reference, or the metadata signer ID of the metadata. According to the present embodiment, the example of including the metadata reference specification information 4146 in the content license is described.
  • the encryption content 210 may include the reference specification information 4146.
  • the revision permission information 4147 includes: a flag indicating the metadata revision permission, the revisable metadata ID, a signer ID of the revisable metadata, a content provider, a group of metadata providers trusted by the above mentioned content provider, and a flag indicating no-limit of such metadata providers.
  • the revision permission information 4147 of metadata may be, for example, either of a flag indicating "metadata revisable” or "metadata non-revisable", a metadata ID of the revisable metadata or non-revisable metadata, or a metadata signer ID 312 which has digitally signed the revisable metadata or non-revisable metadata.
  • the revision permission information 4147 of metadata is included in the content license.
  • the revision permission information 4147 may be included in either of the following : the encryption content 210; the metadata body 311 of the metadata 310; or the license of the metadata 310 in the case where the metadata 310 is encrypted as well as the content and there is a license of the metadata 310 including an encryption key.
  • the control permission information 4148 is a flag indicating the use permission of the metadata generated by the user. In other words, as the control permission information 4148 according to the metadata generated by the user, for example, information such as "control possible according to the metadata generated by the user" or "control impossible according to the metadata generated by the user" is included.
  • the moving range specifying information 4149 is information which specifies one or more terminal apparatuses which have generated metadata generated by the user possible to be used. And, the moving range specifying information 4149 includes: a flag indicating no-limit or limiting to one or more terminal apparatuses owned by the user who has generated the metadata; the use frequency which limits the use in one or more terminal apparatuses except for the one or more terminal apparatuses owned by the user who has generated the metadata; the expiration date and the like. In other words, as the moving range specifying information
  • the moving range specifying information 4149 for example, information indicating the moving range such as "move unlimited” or “limiting to one or more terminal apparatuses owned by the user who has generated the metadata" is included.
  • the moving range specifying information 4149 of the metadata generated by the user is included in the content license.
  • the moving range specifying information 4149 may be included in either of the following : the encryption content 210; the metadata body 311 of the metadata 310; and the metadata license in the case where he metadata is encrypted as well as the content, and there is a license of the metadata including an encryption key.
  • the license management server 40 After the license generation is finished, the license management server 40, according to the license obtainment request from the one or more terminal apparatuses 60, after executing a purchase process of the license, transmits the license 410 to the one or more terminal apparatuses 60 (S1310).
  • the purchase process of the license is executed between the purchase server which is not shown in the drawings and the license management server 40.
  • the license 410 is communicated between the license management server 40 and the one or more terminal apparatuses 60 through the transmission path N, in order to ensure security, after establishing SAC, data is communicated.
  • the license 410 is communicated.
  • the license 410 may be encrypted using the intrinsic key of the one or more terminal apparatuses 60, and transmitted from the license management server 40 to the one or more terminal apparatuses 60.
  • the one or more terminal apparatuses 60 receive the license
  • the one or more terminal apparatuses 60 transmit a request for a public key certificate to the content distribution server 20, and receives the public key certificate 510 of the content distribution server 20. Also, the one or more terminal apparatuses 60 transmit a request for a public key certificate to the metadata distribution server 30, and receive the public key certificate 510 of the metadata distribution server 30. Moreover, the one or more terminal apparatuses 60 transmit a request for a public key certificate to the au thentication server 50, and receive the public key certificate 510 of the authentication server 50. Although it is not shown in FIG.
  • the authentication server 50 ge nerates the public key certificate 510, and transmits the public key certificate 510 to the content distribution server 20 and the metadata distribution server 30. Also, every time the content distribution server 20 requests a revoke of the metadata distribution se rver 30, the authentication server 50 generates a CRL, and tra nsmits the generated CRL to the one or more terminal ap paratuses 60. More specifically, the authentication server 50 has a secret key and a public key paired with the secret key.
  • the authentication server 50 transmits the public key certificate 510 to the subjects.
  • the authentication server 50 (i) generates a su bject ID 511 which differs for each subject public key 512, (ii) ge nerates a digital signature 513 for the subject ID 511 and the su bject public key 512, (iii) generates a public key certificate 510 made of the subject ID 511, the subject public key 512 and the dig ital signature 513, and (iv) transmits the public key certificate 51 O to the content distribution server 20 or the metadata distribution server 30.
  • the content distribution server 20 may execute the generation process of the public key certificate 510 of the metadata distribution server 30.
  • the metadata distribution server 30 having the public key certificate 510 digitally signed by the content distribution server 20 may be judged as trusted by the content distribution server 20 more than the other metadata distribution server 30.
  • Such method as described above is a general method called a certificate pass, and specifically explained in non-patent literature 1.
  • the public key certificate 510 includes, at least, the subject ID 511, the subject public key 512, the digital signature 513 and the certificate signer ID 514.
  • the subject ID 511 is an ID identifying the subject of the public key certificate 510, and, for example, the serial number of the X. 509 certificate may be used.
  • the subject public key 512 is used for verification of the digital signature of the signer specified by the subject ID 511.
  • the digital signature 513 is used for the tamper detection of, at least, the subject ID 511 and the subject public key 512.
  • the certificate signer ID 514 is used for specifying the signer who has digitally signed the public key certificate 510.
  • the authentication server 50 has a CRL 520.
  • the CRL 520 includes, at least, a renewal date 521 and a revoked subject ID 522.
  • a revoke means to revoke the digital signature by the signer specified by the subject ID 522.
  • the renewal date 521 is, for example, a date when the CRL
  • the revoked subject ID522 is used for identifying the signer to be revoked .
  • the authentication server 50 After receiving a request for the CRL renewal including the ID of the metadata distribution server 30 to be revoked from the content distribution server 20, the authentication server 50 (i) renews the renewal date 521 to the CRL generation date, for exa mple, from "January 1, 2003” to "November 11, 2003", (ii) adds the received ID of the metadata distribution server 30 to the subject ID522, (iii) generates the CRL 520, and (iv) transmits the CRL 520 to the one or more terminal apparatuses 60.
  • the domain key 112 is obtained from the membership management server 10 (S1000); the encryption content 210 is received from the content distribution server 20 (S1 O 10); the license 410 is received from the license management server 40 (S1020) ; the metadata 310 is received from the metadata distribution server 30 (S1030); and the one or more terminal apparatuses 60 use the metadata 310 and the content (S1040).
  • FIG. 9 is a flow chart showing the operations of the use permission judging process of the metadata by the one or more terminal apparatuses 60.
  • the metadata 310 judges whether or not the metadata is the metadata generated by the user (S200).
  • the process of judging metadata generated by the user will be explained later.
  • the process is transited to the signer identification information judgment (S100).
  • the signer identification information judgment (S100) the signer identification information 4145 is obtained from the usage rules 414 of the license 410, and judged which of the following the signer identification information 4145 is: "impossible except for the content provider", "possible for the content provider and the metadata provider authorized by the content provider", or "possible for all”.
  • FIG. 10 is a flow chart showing the sub-routine of the ID co mparison (S101).
  • the ID comparison (S101) (i) the encryption content 210 is decrypted by the content encryption key 415, (ii) the content provider ID212 is obtained, (iii) the metadata signer ID312 is obtained from the metadata 310, and (iv) the above mentioned content provider ID212 and metadata signer ID312 are compared
  • the content provider ID212 is compared with the certificate signer ID514 of the public key certificate 510 for which the metadata signer ID312 and the subject ID511 correspond with each other (S303).
  • the process is transited to the signature verification (step S102). In other words, in order to fulfill the requirement that "possible for the content provider and the metadata provider authorized by the content provider", the process is advanced to the step S102.
  • the signer identification information 4145 is "impossible except for the content provider", even if the signer identification information 4145 sets the signer of the metadata possible to be used as "except for the content provider", as the signer of the metadata 310 is other than the content distribution server 20, the metadata 310 cannot be used.
  • the certificate signer ID514 and the content provider ID212 do not correspond with each other, even if the signer identification information 4145 sets the signer of the metadata possible to be used as "possible for the content provider and the metadata provider authorized by the content provider", as the signer of the metadata is other than the content distribution server 20 and the metadata distribution server 30 authorized by the content distribution server 20, the metadata
  • the metadata 310 is judged as possible to be used .
  • the signer identification information 4145 is "possible for all”
  • the process is transited to the CRL confirmation (S110).
  • the CRL conformation (S110) whether or not the metadata signer ID312 of the metadata 310 is included in the revoked subject ID522 of the CRL 520 is judged.
  • the process is transited to the signature verification (S102), and the use permission is judged depending on the existence of tamper.
  • the metadata signer ID312 is included in the list, as the signer is revoked, the metadata 310 Is judged as impossible to be used.
  • the signer identification information 4145 is the flag which identifies one value out of the three values such as “impossible except for the content provider", “possible for the content provider and the metadata provider authorized by the content provider” or “possible for all”.
  • the signer identification information 4145 may be a flag identifying one value out of at least two values among "impossible except for the content provider", “possible for the content provider and the metadata provider authorized by the content provider” or "possible for all”.
  • the signer identification information 4145 is the flag identifying "impossible except for the content provider" or “possible for all”
  • the process of the case where the signer identification information 4145 according to the present embodiment is "possible for the content provider and the metadata provider authorized by the content provider” is not executed.
  • the signer identification information 4145 is a flag identifying "impossible except for the content provider” or “possible for the content provider and the metadata provider authorized by the content provider”
  • the process of the case where the signer identification information 4145 is "possible for all” is not executed.
  • the same effects can be achieved in either of the above mentioned cases.
  • the signer identification information 4145 is stored in the usage rules 414 of the license 410.
  • the signer identification information 4145 may be stored in the other areas than the usage rules 414 in the license 410.
  • the signer identification information 4145 may be stored in the encryption content 210.
  • the signer identification information 4145 may be stored in the license of the metadata 310.
  • the obtainment sources of the signer identification information 4145 respectively d iffer, but the same effects can be achieved in each case.
  • the signer identificationi on information 4145 is a flag indicating "impossible except for the content provider", "possible for the content provider and the m etadata provider authorized by the content provider" or "possible for all”.
  • the signer identification information 4145 may be the metadata signer ID312 of the metadata 310.
  • the signer of the metadata possible to be used is limited to the signer of the metadata signer ID312.
  • the same effects can be achieved.
  • the content provider ID212 included in the encryption content 210 is used.
  • the subject ID511 included in the public key certificate 510 may be used.
  • the stored content provider ID may be used.
  • the content provider ID of the license of the metadata 310 may be used.
  • the content provider ID of the content distributio n server 20 can be specified, the same effects can be achieved.
  • the metadata generated by the user may be digitally signed.
  • the later mentioned judgment of the metadata generated by the user S200
  • whether or not the digita l signer of the metadata 310 is the one or more terminal apparatuses 60 owned by the user is judged .
  • the one or more terminal apparatuses 60 do not have a secret key and a public key certificate, by encrypting the hush value of the metadata 310 using the domain key 112 or the intrinsic key, the same effects can be achieved.
  • the one or more terminal apparatuses 60 obtain, from the usage rules 414, the moving range specifying information 4149 of the metadata generated by the user.
  • the metadata generated by the above mentioned process is accumulated, as it is, in the one or more terminal apparatuses 60 and the like.
  • the metadata body 311 may be encrypted by the domain key 112 and accumulated in the one or more terminal apparatuses 60 or an external memory medium such as a DVD-R. Otherwise, the metadata body 311 may be transmitted to the other terminal apparatuses owned by the user.
  • the metadata body 311 is encrypted by the domain key, even if one or more terminal apparatuses 60 of a different domain obtain the metadata 310, the metadata 310 cannot be used.
  • the metadata body 311 is encrypted using the domain key 112.
  • the secret information common to the one or more terminal apparatuses 60 owned by the user is used, other information may be used.
  • the one or more terminal apparatuses 60 execute judgment of the metadata generated by the user (S200).
  • control permission information 4148 according to the metadata generated by the user is "control possible according to the metadata generated by the user”
  • the process is transited to the moving range judgment of the metadata generated by the user (S202).
  • the moving range specifying information 4149 of the metadata generated by the user is obtained from the usage rules 414 of the license 410.
  • the moving range specifying information 4149 is "move unlimited”
  • the metadata generated by the above mentioned process is judged as possible to be used .
  • the metadata body 311 is decrypted by the domain key 112, and whether or not there is a generation-by-user flag 3115 indicating that the metadata is the metadata generated by the user (S203).
  • the metadata 310 is judged as possible to be used.
  • the metadata 310 cannot be used. Al so, as a result of the judgment of the step S201, in the case where "control according to the metadata generated by the user is impossible", the metadata 310 cannot be used.
  • the moving range specifying information 4149 is a flag indicating either of "control possible according to the metadata generated by the user” or "control impossible according to the metadata generated by the user”.
  • the moving range specifying information 4149 is "control possible according to the metadata generated by the user"
  • the moving range of the metadata generated by the user is limited to the one or more terminal apparatuses owned by the user.
  • the usage rules such as the moving frequency and the moving expiration date may be stored as the moving range specifying information 4149
  • the metadata generated by the user may be encrypted by the encryption key generated by the one or more terminal apparatuses 60.
  • the usage rules such as the moving freq uency and the moving expiration date stored as the moving range specifying information 4149, the moving may be limited.
  • the moving range of the metadata generated by the user is limited by the moving frequency and the moving expiration date stored as the moving range specifying information 4149.
  • the verification of the public key signature requires a long processing time. It is inefficient to repeatedly verify the once verified metadata using the public key.
  • the signature verification process can be omitted .
  • the processing time can be reduced to a large extent.
  • the on e or more terminal apparatuses 60 detect, from the usage rules 4- 14 of the license 410, whether or not the reference specification i nformation 4146 of the metadata exists. In the case where the reference specification information 4146 does not exist, the use of the encryption content 210 is started. In the case where the reference specification information 4146 exists, the reference specification i nformation 4146 is obtained. And, the metadata to be referred to is obtained from the metadata ID included in the reference specification information 4146. In the case where in the use permissio n judgment of the metadata the metadata is judged as possible to be used, the use of the content is started in reference to the metadata .
  • the reference specification i nformation 4146 is the metadata ID.
  • the reference specification information 4146 may be the metadata signer ID312.
  • the reference specification information 4146 is the metadata ID.
  • the reference specification information 4146 may be the flag for identifying whether to refer or not to refer to the above mentioned encryption content 210 and metadata 310.
  • the one or more terminal apparatuses 60 obtain the revision permission information 4147 of the metadata from the usage rules 414 of the l icense 410, and make a judgment from either of "metadata revisable” or "metadata non-revisable”.
  • the metadata 310 incl uding the content ID211 of the encryption content 210 in the metadata body 311 cannot be revised.
  • the revision permission information 4147 is "metadata revisable”
  • the metadata 310 including the content ID211 of the encryption content 210 in the metadata body 311 is revised.
  • a request for a re-digital signature including the revised metadata 310 is transmitted to the signer of the metadata signer ID312.
  • the signer of the metadata signer ID312 receives the re-digitally signed metadata 310.
  • the revision permission information 4147 is a flag indicating either of "metadata revisable” or "metadata non-revisable”.
  • the revision permission information 4147 may be the metadata ID of the revisable metadata 310. In such case as described above, only the metadata 310 specified by the revision permission information 4147 is judged as possible to be revised.
  • the revision permission information 4147 may be the metadata ID of the non-revisable metadata 310. In such case as described above, only the metadata 310 specified by the revision permission information 4147 is judged as non-revisable.
  • the metadata 310 is re-digitally signed by the signer of the metadata signer ID312.
  • the one or more terminal apparatuses 60 may digitally sign the metadata 310.
  • the content distribution system 1 can control the use of the metadata 310 by the content distribution server 20, and is beneficial as the content distribution system which can exclude the metadata with low credibility unintended by the content distribution server 20.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

La présente invention concerne un procédé permettant d'évaluer une permission d'utilisation d'informations sur un ou plusieurs appareils terminaux utilisant du contenu fourni par un fournisseur de contenu et des métadonnées fournies par un fournisseur de métadonnées et complétant ledit contenu, ce procédé comprenant: l'évaluation de la permission d'utilisation des métadonnées sur la base d'informations de régulation de l'utilisation de ces métadonnées; et l'utilisation de ces métadonnées dans le cas où la permission est donnée d'utiliser ces métadonnées au cours de l'évaluation de la permission d'utilisation desdites métadonnées. De manière spécifique, les informations de régulation de l'utilisation incluent de premières informations d'identification du signataire qui identifient la gamme de fournisseur de ces métadonnées qui peut être utilisée. Les métadonnées incluent une signature du fournisseur des métadonnées identifiée dans les premières informations d'identification du signataire, et de secondes informations d'identification du signataire identifiant le signataire ayant effectuer la signature. En outre, ladite évaluation de la permission d'utilisation des métadonnées permet d'évaluer la permission d'utilisation des métadonnées en fonction du fournisseur de métadonnées identifié dans lesdites premières informations d'identification du signataire, lesdites secondes informations d'identification du signataire, et la vérification de la signature.
EP04773723A 2003-11-11 2004-10-05 Procede permettant d'evaluer une permission d'utilisation d'informations et systeme de distribution de contenu mettant en oeuvre ce procede Expired - Lifetime EP1682963B1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2003380849 2003-11-11
PCT/JP2004/014996 WO2005045651A1 (fr) 2003-11-11 2004-10-05 Procede permettant d'evaluer une permission d'utilisation d'informations et systeme de distribution de contenu mettant en oeuvre ce procede

Publications (2)

Publication Number Publication Date
EP1682963A1 true EP1682963A1 (fr) 2006-07-26
EP1682963B1 EP1682963B1 (fr) 2007-03-21

Family

ID=34567254

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04773723A Expired - Lifetime EP1682963B1 (fr) 2003-11-11 2004-10-05 Procede permettant d'evaluer une permission d'utilisation d'informations et systeme de distribution de contenu mettant en oeuvre ce procede

Country Status (7)

Country Link
US (1) US7694149B2 (fr)
EP (1) EP1682963B1 (fr)
KR (1) KR20060121920A (fr)
CN (1) CN100399225C (fr)
AT (1) ATE357688T1 (fr)
DE (1) DE602004005485T2 (fr)
WO (1) WO2005045651A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2071573A3 (fr) * 2007-12-10 2009-07-29 Fujitsu Limited Appareil de traitement d'informations et système de distribution de licence dans un domaine et avec des privilèges

Families Citing this family (50)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7577999B2 (en) * 2003-02-11 2009-08-18 Microsoft Corporation Publishing digital content within a defined universe such as an organization in accordance with a digital rights management (DRM) system
US7370212B2 (en) 2003-02-25 2008-05-06 Microsoft Corporation Issuing a publisher use license off-line in a digital rights management (DRM) system
US7827156B2 (en) * 2003-02-26 2010-11-02 Microsoft Corporation Issuing a digital rights management (DRM) license for content based on cross-forest directory information
EP1639440A4 (fr) 2003-04-25 2009-03-11 Apple Inc Interface graphique utilisateur destinee a l'exploration, a la recherche et a la presentation d'articles de media
US20040215534A1 (en) 2003-04-25 2004-10-28 Apple Computer, Inc. Method and system for network-based allowance control
US7716288B2 (en) 2003-06-27 2010-05-11 Microsoft Corporation Organization-based content rights management and systems, structures, and methods therefor
US7844548B2 (en) 2003-10-15 2010-11-30 Apple Inc. Techniques and systems for electronic submission of media for network-based distribution
US9313214B2 (en) * 2004-08-06 2016-04-12 Google Technology Holdings LLC Enhanced security using service provider authentication
US8438645B2 (en) 2005-04-27 2013-05-07 Microsoft Corporation Secure clock with grace periods
US8725646B2 (en) 2005-04-15 2014-05-13 Microsoft Corporation Output protection levels
US20060265758A1 (en) 2005-05-20 2006-11-23 Microsoft Corporation Extensible media rights
JP4883342B2 (ja) * 2005-09-06 2012-02-22 ソニー株式会社 情報処理装置および方法、並びにプログラム
US20070061268A1 (en) * 2005-09-12 2007-03-15 Microsoft Corporation Prepaid or pay-as-you-go software, content and services delivered in a secure manner
KR100924777B1 (ko) * 2006-01-03 2009-11-03 삼성전자주식회사 라이센스를 생성하는 방법 및 장치
US20090133129A1 (en) * 2006-03-06 2009-05-21 Lg Electronics Inc. Data transferring method
US8429300B2 (en) 2006-03-06 2013-04-23 Lg Electronics Inc. Data transferring method
CN101395596B (zh) 2006-03-06 2010-10-27 Lg电子株式会社 数据传递方法
US8015237B2 (en) * 2006-05-15 2011-09-06 Apple Inc. Processing of metadata content and media content received by a media distribution system
US7962634B2 (en) 2006-05-15 2011-06-14 Apple Inc. Submission of metadata content and media content to a media distribution system
US7827162B2 (en) 2006-05-15 2010-11-02 Apple Inc. Media package format for submission to a media distribution system
KR20080022476A (ko) 2006-09-06 2008-03-11 엘지전자 주식회사 논컴플라이언트 컨텐츠 처리 방법 및 디알엠 상호 호환시스템
US8312558B2 (en) 2007-01-03 2012-11-13 At&T Intellectual Property I, L.P. System and method of managing protected video content
US8918508B2 (en) * 2007-01-05 2014-12-23 Lg Electronics Inc. Method for transferring resource and method for providing information
US8584206B2 (en) 2007-02-16 2013-11-12 Lg Electronics Inc. Method for managing domain using multi domain manager and domain system
US9984369B2 (en) * 2007-12-19 2018-05-29 At&T Intellectual Property I, L.P. Systems and methods to identify target video content
US20090259502A1 (en) * 2008-04-10 2009-10-15 Daniel David Erlewine Quality-Based Media Management for Network-Based Media Distribution
US9342287B2 (en) 2008-05-05 2016-05-17 Apple Inc. Software program ratings
US9076176B2 (en) 2008-05-05 2015-07-07 Apple Inc. Electronic submission of application programs for network-based distribution
JP4666015B2 (ja) * 2008-07-08 2011-04-06 ソニー株式会社 コンテンツ配信システム、コンテンツ受信端末、及びコンテンツ配信方法
US8166563B2 (en) * 2008-07-15 2012-04-24 Eclipse Data Technologies Remanufacture of encrypted content using a replicated medium
US20100235254A1 (en) * 2009-03-16 2010-09-16 Payam Mirrashidi Application Products with In-Application Subsequent Feature Access Using Network-Based Distribution System
US9729609B2 (en) 2009-08-07 2017-08-08 Apple Inc. Automatic transport discovery for media submission
US8935217B2 (en) 2009-09-08 2015-01-13 Apple Inc. Digital asset validation prior to submission for network-based distribution
US20120036365A1 (en) * 2010-08-06 2012-02-09 Microsoft Corporation Combining request-dependent metadata with media content
JP5282795B2 (ja) * 2011-02-25 2013-09-04 ブラザー工業株式会社 情報通信システム、情報処理方法、ノード装置及びプログラム
US8572368B1 (en) * 2011-09-23 2013-10-29 Symantec Corporation Systems and methods for generating code-specific code-signing certificates containing extended metadata
US9203624B2 (en) 2012-06-04 2015-12-01 Apple Inc. Authentication and notification heuristics
US8990188B2 (en) 2012-11-30 2015-03-24 Apple Inc. Managed assessment of submitted digital content
US10051329B2 (en) * 2012-12-10 2018-08-14 DISH Technologies L.L.C. Apparatus, systems, and methods for selecting and presenting information about program content
US9087341B2 (en) 2013-01-11 2015-07-21 Apple Inc. Migration of feedback data to equivalent digital assets
US9749321B2 (en) * 2013-01-22 2017-08-29 Prolifiq Software Inc. System for multi-point publication syndication
US10776754B2 (en) * 2014-11-26 2020-09-15 Adobe Inc. Content creation, deployment collaboration, and subsequent marketing activities
US10833843B1 (en) 2015-12-03 2020-11-10 United Services Automobile Association (USAA0 Managing blockchain access
WO2017117357A1 (fr) * 2015-12-30 2017-07-06 Xiaolin Zhang Système et procédé de sécurité de données
US10084798B2 (en) * 2016-06-30 2018-09-25 Juniper Networks, Inc. Selective verification of signatures by network nodes
US10693660B2 (en) * 2017-01-05 2020-06-23 Serge Vilvovsky Method and system for secure data storage exchange, processing, and access
CN107579831B (zh) * 2017-09-06 2021-06-18 吕文华 一种将同一数字证书复用于多个终端的方法、装置和系统
CN109063427A (zh) * 2018-10-29 2018-12-21 北京京航计算通讯研究所 基于j2ee技术体系的应用软件许可认证方法
JP2020160503A (ja) * 2019-03-25 2020-10-01 富士ゼロックス株式会社 情報処理システム
US12081537B2 (en) * 2022-01-21 2024-09-03 VMware LLC Secure inter-application communication with unmanaged applications using certificate enrollment

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6208805B1 (en) 1992-02-07 2001-03-27 Max Abecassis Inhibiting a control function from interfering with a playing of a video
ATE221677T1 (de) * 1996-02-09 2002-08-15 Digital Privacy Inc Zugriffssteuerungs/verschlüsselungssystem
US6185684B1 (en) * 1998-08-28 2001-02-06 Adobe Systems, Inc. Secured document access control using recipient lists
US6205549B1 (en) * 1998-08-28 2001-03-20 Adobe Systems, Inc. Encapsulation of public key cryptography standard number 7 into a secured document
US6353831B1 (en) * 1998-11-02 2002-03-05 Survivors Of The Shoah Visual History Foundation Digital library system
US6920567B1 (en) * 1999-04-07 2005-07-19 Viatech Technologies Inc. System and embedded license control mechanism for the creation and distribution of digital content files and enforcement of licensed use of the digital content files
US6834110B1 (en) * 1999-12-09 2004-12-21 International Business Machines Corporation Multi-tier digital TV programming for content distribution
JP2002015548A (ja) * 2000-06-27 2002-01-18 Pioneer Electronic Corp 情報記録装置及び情報記録方法、記録媒体並びに情報記録媒体
GB0015896D0 (en) * 2000-06-28 2000-08-23 Twi Interactive Inc Multimedia publishing system
US6760042B2 (en) * 2000-09-15 2004-07-06 International Business Machines Corporation System and method of processing MPEG streams for storyboard and rights metadata insertion
US7496767B2 (en) * 2001-01-19 2009-02-24 Xerox Corporation Secure content objects
JP4168606B2 (ja) * 2001-06-28 2008-10-22 ソニー株式会社 情報処理装置および方法、記録媒体、並びにプログラム
JP3884432B2 (ja) * 2001-07-18 2007-02-21 トゲヴァ・ホールディング・アクチェンゲゼルシャフト 電気通信方法、識別モジュール、およびコンピュータ化サービスユニット
JP2003051816A (ja) 2001-08-07 2003-02-21 Sony Corp コンテンツ配信システム、コンテンツ配信方法、およびデータ処理装置、データ処理方法、並びにコンピュータ・プログラム
FI115420B (fi) * 2001-08-20 2005-04-29 Helsingin Kauppakorkeakoulu Informaatiopalveluiden käyttäjäkohtainen personointi
US20030122966A1 (en) 2001-12-06 2003-07-03 Digeo, Inc. System and method for meta data distribution to customize media content playback
US7774611B2 (en) * 2002-05-06 2010-08-10 Hewlett-Packard Development Company, L.P. Enforcing file authorization access
US20040267693A1 (en) * 2003-06-30 2004-12-30 Darryn Lowe Method and system for evaluating the suitability of metadata
US7213036B2 (en) * 2003-08-12 2007-05-01 Aol Llc System for incorporating information about a source and usage of a media asset into the asset itself

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2005045651A1 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2071573A3 (fr) * 2007-12-10 2009-07-29 Fujitsu Limited Appareil de traitement d'informations et système de distribution de licence dans un domaine et avec des privilèges
US7912787B2 (en) 2007-12-10 2011-03-22 Fujitsu Limited Information processing apparatus and license distribution system

Also Published As

Publication number Publication date
DE602004005485T2 (de) 2007-11-29
WO2005045651A1 (fr) 2005-05-19
CN1829950A (zh) 2006-09-06
US20060272026A1 (en) 2006-11-30
WO2005045651B1 (fr) 2005-09-01
KR20060121920A (ko) 2006-11-29
DE602004005485D1 (de) 2007-05-03
EP1682963B1 (fr) 2007-03-21
ATE357688T1 (de) 2007-04-15
US7694149B2 (en) 2010-04-06
CN100399225C (zh) 2008-07-02

Similar Documents

Publication Publication Date Title
US7694149B2 (en) Method for judging use permission of information and content distribution system using the method
US7971261B2 (en) Domain management for digital media
JP4524124B2 (ja) ディジタル権利管理(drm)サーバのdrmアーキテクチャへのエンロール/サブエンロール
JP4619665B2 (ja) ディジタル権利管理(drm)システムでのパブリッシャ使用ライセンスのオフラインでの発行
KR100965886B1 (ko) 메타데이터 관리 방법
US8533858B2 (en) Domain management method and domain context of users and devices based domain system
US10567371B2 (en) System and method for securing the life-cycle of user domain rights objects
EP1922638B1 (fr) Gestion des informations de revocation
JP2008524681A (ja) ネットワーク・クラスタ近接性要件を強化するシステムおよび方法
EP1735939A1 (fr) Systeme et procede de partage de licences numeriques
KR101452708B1 (ko) Ce 장치 관리 서버, ce 장치 관리 서버를 이용한drm 키 발급 방법, 및 그 방법을 실행하기 위한프로그램 기록매체
US7995766B2 (en) Group subordinate terminal, group managing terminal, server, key updating system, and key updating method therefor
JP2008541638A (ja) 論理パーティションを用いて、暗号化されたコンテンツを管理するためのシステムおよび方法
JP4732746B2 (ja) コンテンツ配信システム、ライセンス配信方法および端末装置
JP4565955B2 (ja) 情報利用可否判定方法、端末装置、送信装置、コンテンツ配信システム、およびプログラム

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20060116

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

DAX Request for extension of the european patent (deleted)
GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: CH

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: BE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: LI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REF Corresponds to:

Ref document number: 602004005485

Country of ref document: DE

Date of ref document: 20070503

Kind code of ref document: P

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070621

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070702

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070821

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

NLV1 Nl: lapsed or annulled due to failure to fulfill the requirements of art. 29p and 29m of the patents act
EN Fr: translation not filed
PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

26N No opposition filed

Effective date: 20071227

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: FR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20071123

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070622

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20071031

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20071005

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070621

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20071005

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070321

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20070922

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20100929

Year of fee payment: 7

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20100929

Year of fee payment: 7

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20121005

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20121005

Ref country code: DE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20130501

REG Reference to a national code

Ref country code: DE

Ref legal event code: R119

Ref document number: 602004005485

Country of ref document: DE

Effective date: 20130501